← Back

CVE-2010-2836

nvd nist
Published: Sep 23, 2010Modified: Apr 29, 2026

JSON object

Loading...
7.8
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:C
Exploitability: 10.0 / Impact: 6.9
Source: NVD

Description

Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685.

Affected (31)

Products: Cisco: Ios
1 product
Ios
Configuration A
31 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Version 12.4
Version 12.4gc
Version 12.4mda
Version 12.4mr
Version 12.4mra
Version 12.4sw
Version 12.4xa
Version 12.4xb
Version 12.4xc
Version 12.4xd
Version 12.4xe
Version 12.4xf
Version 12.4xg
Version 12.4xj
Version 12.4xk
Version 12.4xl
Version 12.4xm
Version 12.4xn
Version 12.4xp
Version 12.4xt
Version 12.4xv
Version 12.4xw
Version 12.4xy
Version 12.4xz
Version 12.4ya
Version 12.4yb
Version 12.4yd
Version 15.0m
Version 15.0xa
Version 15.1(1)xb1
Version 15.1t

Related CWEs

References (2)

Timeline

No history available yet.